Jump to content

need help on getting malwarebyts to work


Recommended Posts

some times malwarebyts installs and some times it doesn't, but when it does it loads for about 3-5 seconds then immediately closes then when i try to open it up again it says windows is searching for mbam.exe. please help need to get rid of viruses or what ever is going on . how can i get malwarebyts to work on my computer?

Scan saved at 2:30:38 PM, on 11/14/2009

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\QuickTime\QTTask.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\WINDOWS\ALCXMNTR.EXE

C:\Program Files\Steam\Steam.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe

C:\Program Files\McAfee Security Scan\1.0.150\SSScheduler.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\System32\svchost.exe

C:\HP\KBD\KBD.EXE

C:\WINDOWS\AGRSMMSG.exe

c:\windows\system\hpsysdrv.exe

C:\Program Files\InterMute\SpySubtract\SpySub.exe

C:\WINDOWS\system32\wscntfy.exe

C:\Program Files\Java\jre1.5.0\bin\jusched.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...&pf=desktop

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files\Spyware Doctor\BDT\PCTBrowserDefender.dll

O4 - HKLM\..\Run: [siSPower] Rundll32.exe SiSPower.dll,ModeAgent

O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE

O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot

O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent

O4 - HKCU\..\Run: [steam] "C:\Program Files\Steam\Steam.exe" -silent

O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Startup: Compaq Organize.lnk = ?

O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\6750491\Program\Compaq Connections.exe

O4 - Global Startup: McAfee Security Scan.lnk = ?

O4 - Global Startup: SpySubtract.lnk = C:\Program Files\InterMute\SpySubtract\sslaunch.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)

O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)

O20 - AppInit_DLLs: zutozube.dll

O21 - SSODL: rekobofif - {9da8ba02-94b6-42eb-874a-987c18169052} - (no file)

O22 - SharedTaskScheduler: mujuzedij - {68d8bf69-30aa-47fd-b671-890d1b929238} - (no file)

O22 - SharedTaskScheduler: kupuhivus - {41b06838-5bd4-4df7-adcc-a3ba37549c2e} - (no file)

O22 - SharedTaskScheduler: jugezatag - {acc92b1b-d0e4-4983-a406-04f4ad5f8e93} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {4728e706-0f88-4f1e-a381-6e93d12279cb} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {68907469-5820-4e8d-a49e-610299314443} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {e37f9696-321e-4d9d-ada0-d39405e0fca5} - (no file)

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe

O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

Link to post
Share on other sites

Please install an antivirus and firewall first, because it doesn't make any sense to remove malware from your system if no scanner is preventing them from reinfecting your computer.

AVG Anti-Virus, Avira OR Avast Home Edition are good FREE antivirus scanners.

After installing ONE antivirus program, download the latest signatures, and do a full system scan.

Without a firewall your computer is susceptible to being hacked and taken over:

Kerio Personal Firewall OR ZoneAlarm are good FREE firewalls.

Read Understanding and using firewalls to learn more about using firewalls

VERY IMPORTANT: Never install more than ONE antivirus scanner and firewall on your system! Several together can give problems and decrease their reliability and effectiveness!

Next,

open HijackThis, click do a scan only and place a check next to the following entries:

O20 - AppInit_DLLs: zutozube.dll

O21 - SSODL: rekobofif - {9da8ba02-94b6-42eb-874a-987c18169052} - (no file)

O22 - SharedTaskScheduler: mujuzedij - {68d8bf69-30aa-47fd-b671-890d1b929238} - (no file)

O22 - SharedTaskScheduler: kupuhivus - {41b06838-5bd4-4df7-adcc-a3ba37549c2e} - (no file)

O22 - SharedTaskScheduler: jugezatag - {acc92b1b-d0e4-4983-a406-04f4ad5f8e93} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {4728e706-0f88-4f1e-a381-6e93d12279cb} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {68907469-5820-4e8d-a49e-610299314443} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {e37f9696-321e-4d9d-ada0-d39405e0fca5} - (no file)

Close all other windows and browsers, except HijackThis, and click Fix Checked. Close HijackThis.

Open MBAM, go to the update button and install the latest update. Now perform a quick scan.

Reboot and post a new Hijackthis log and the log from MBAM. Let me know how things are running.

Link to post
Share on other sites

Please install an antivirus and firewall first, because it doesn't make any sense to remove malware from your system if no scanner is preventing them from reinfecting your computer.

AVG Anti-Virus, Avira OR Avast Home Edition are good FREE antivirus scanners.

After installing ONE antivirus program, download the latest signatures, and do a full system scan.

Without a firewall your computer is susceptible to being hacked and taken over:

Kerio Personal Firewall OR ZoneAlarm are good FREE firewalls.

Read Understanding and using firewalls to learn more about using firewalls

VERY IMPORTANT: Never install more than ONE antivirus scanner and firewall on your system! Several together can give problems and decrease their reliability and effectiveness!

Next,

open HijackThis, click do a scan only and place a check next to the following entries:

O20 - AppInit_DLLs: zutozube.dll

O21 - SSODL: rekobofif - {9da8ba02-94b6-42eb-874a-987c18169052} - (no file)

O22 - SharedTaskScheduler: mujuzedij - {68d8bf69-30aa-47fd-b671-890d1b929238} - (no file)

O22 - SharedTaskScheduler: kupuhivus - {41b06838-5bd4-4df7-adcc-a3ba37549c2e} - (no file)

O22 - SharedTaskScheduler: jugezatag - {acc92b1b-d0e4-4983-a406-04f4ad5f8e93} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {4728e706-0f88-4f1e-a381-6e93d12279cb} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {68907469-5820-4e8d-a49e-610299314443} - (no file)

O22 - SharedTaskScheduler: tokatiluy - {e37f9696-321e-4d9d-ada0-d39405e0fca5} - (no file)

Close all other windows and browsers, except HijackThis, and click Fix Checked. Close HijackThis.

Open MBAM, go to the update button and install the latest update. Now perform a quick scan.

Reboot and post a new Hijackthis log and the log from MBAM. Let me know how things are running.

when i try to open malwarebyts it says missing short cut

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.